English
Deutsch
Español
Español – América Latina
Français
Indonesia
Italiano
Português
Português – Brasil
中文 – 简体
中文 – 繁體
日本語
한국어

Console

Contact Us Start free

Permissions and roles

This page describes the permissions and roles that are required to use and configure Blockchain Node Engine.

The blockchain nodes themselves expose an API endpoint. Google does not define this API, but is part of the third party software we run. You can see an example of this at Ethereum's JSON-RPC Server. This endpoint requires an API key to access. API keys are managed in Google Cloud, and as such use the permissions defined on Access control with IAM. These permissions have been added to the admin role.

Roles

This section lists all curated roles provided by Blockchain Node Engine service.

Viewer

Grants read access to all Blockchain Node Engine resources. Intended for engineers who use but do not manage nodes. API keys are expected to be provided from an admin. The viewer does not have direct access to look up API keys.

Blockchain Node Engine actions:

blockchainnodeengine.googleapis.com/blockchainNodes.get
blockchainnodeengine.googleapis.com/blockchainNodes.list
blockchainnodeengine.googleapis.com/locations.get
blockchainnodeengine.googleapis.com/locations.list
blockchainnodeengine.googleapis.com/operations.get
blockchainnodeengine.googleapis.com/operations.list

Retrieve project information:

cloudresourcemanager.googleapis.com/projects.get
cloudresourcemanager.googleapis.com/projects.list

Return APIs information:

serviceusage.googleapis.com/services.get

Admin

Grants full access to all Blockchain Node Engine resources. Intended for blockchain node administrators.

Administrators have all permissions available to blockchainnodeengine.googleapis.com/viewer plus:

API keys management:

apikeys.googleapis.com/keys.update
apikeys.googleapis.com/keys.create
apikeys.googleapis.com/keys.delete
apikeys.googleapis.com/keys.get
apikeys.googleapis.com/keys.getKeyString
apikeys.googleapis.com/keys.list
apikeys.googleapis.com/keys.undelete

Blockchain Node Engine actions:

blockchainnodeengine.googleapis.com/blockchainNodes.create
blockchainnodeengine.googleapis.com/blockchainNodes.delete
blockchainnodeengine.googleapis.com/operations.cancel
blockchainnodeengine.googleapis.com/operations.delete

serviceusage.googleapis.com/services.enable

See also

Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated 2025-10-16 UTC.